Uploaded image for project: 'Policy Framework'
  1. Policy Framework
  2. POLICY-510

Do not enforce hostname validation

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: Amsterdam Release
    • Fix Version/s: Beijing Release
    • Labels:
      None

      Description

      Since OOM and HEAT are using two different ways of interacting with the system, hostname validation shouldn't be enforced, because OOM using internal kunermetes resolution, while HEAT uses plain hostname resolution.

       

      [2018-01-05 17:52:21,418|ERROR|RESTManager|Session org.onap.policy-engine.drools.amsterdam:policy-amsterdam-rules:0.6.0:closedloop-amsterdam] Failed to POST to https://aai-service.onap-aai:8443/aai/search/named-query
      javax.net.ssl.SSLPeerUnverifiedException: Host name 'aai-service.onap-aai' does not match the certificate subject provided by the peer (EMAILADDRESS=aai-host@api.simpledemo.openecomp.org, CN=aai.api.simpledemo.openecomp.org, O=ONAP, L=Bedminister, ST=NJ, C=US)
          at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:465)
          at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:395)
          at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
          at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
          at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
          at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
          at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
          at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
          at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
          at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
          at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
          at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
          at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
          at org.onap.policy.rest.RESTManager.post(RESTManager.java:81)
          at org.onap.policy.aai.AAIManager.postQuery(AAIManager.java:51)
          at org.onap.policy.controlloop.actor.appclcm.AppcLcmActorServiceProvider.vnfNamedQuery(AppcLcmActorServiceProvider.java:168)
          at org.onap.policy.controlloop.eventmanager.ControlLoopOperationManager.<init>(ControlLoopOperationManager.java:199)
          at org.onap.policy.controlloop.eventmanager.ControlLoopEventManager.processControlLoop(ControlLoopEventManager.java:339)
          at org.onap.policy.controlloop.Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER252219256.defaultConsequence(Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER252219256.java:145)
          at org.onap.policy.controlloop.Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER252219256DefaultConsequenceInvokerGenerated.evaluate(Unknown Source)
          at org.onap.policy.controlloop.Rule_com$u46$Config_BRMS_Param_BRMSParamvFirewall$u46$EVENT$u46$MANAGER252219256DefaultConsequenceInvoker.evaluate(Unknown Source)
          at org.drools.core.common.DefaultAgenda.fireActivation(DefaultAgenda.java:1052)
          at org.drools.core.phreak.RuleExecutor.fire(RuleExecutor.java:121)
          at org.drools.core.phreak.RuleExecutor.evaluateNetworkAndFire(RuleExecutor.java:74)
          at org.drools.core.common.DefaultAgenda.fireNextItem(DefaultAgenda.java:970)
          at org.drools.core.common.DefaultAgenda.fireLoop(DefaultAgenda.java:1312)
          at org.drools.core.common.DefaultAgenda.fireUntilHalt(DefaultAgenda.java:1232)
          at org.drools.core.impl.StatefulKnowledgeSessionImpl.fireUntilHalt(StatefulKnowledgeSessionImpl.java:1398)
          at org.drools.core.impl.StatefulKnowledgeSessionImpl.fireUntilHalt(StatefulKnowledgeSessionImpl.java:1377)
          at org.onap.policy.drools.core.PolicySession$DefaultThreadModel.run(PolicySession.java:563)
          at java.lang.Thread.run(Thread.java:748)

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              adetalhouet Alexis de Talhouët
              Reporter:
              adetalhouet Alexis de Talhouët
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: